55% of civil aviation cyber decision makers have admitted to being on the receiving end of a ransomware attack in the past 12 months.
This is according to the latest research by Bridewell, which has surveyed 519 staff responsible for cybersecurity at U.S. critical infrastructure (CI) organizations, encompassing civil aviation, energy, transport, finance and central government.
The dual attack threat
Ransomware attacks have significant implications for the civil aviation industry, with 41% of respondents from organizations that experienced an attack citing lost data as one of the primary consequences of a breach, along with 38% pointing to operational disruption. The loss, encryption or destruction of data through a ransomware attack not only increases the risk of delayed or cancelled flights, but of system downtime that prevents bookings, payments and disrupts workflows.
The survey found that on average, aviation organizations experienced 18 incidents of data theft or misuse of data last year while the average number of phishing attacks was 16. Drone threats are also widespread in the industry, averaging 21 incidents over the last 12 months. The combination of these threats is putting immense pressure on the industry to enhance its cyber defenses and response strategies.
Delayed response
Given the significant consequences in a sector where safety is essential, organizations are struggling to react quickly to cyber incidents and mitigate the damage they cause. While phishing attacks are dealt with in an average timeframe of 9.33 hours, responses to ransomware take much longer (16.81 hours). Nation-state attacks take 13.79 hours to respond to on average. Although this is faster than for ransomware, nation-state threats are particularly concerning for the aviation industry, due to its high profile and global presence.
Future-proofing aviation
In the face of these concerns, civil aviation organizations are actively enhancing their cybersecurity measures. Almost every organization surveyed (98%) is using at least one AI-driven tool such as AI-enhanced endpoint protection, automated incident response solutions, or network behavior analysis. Furthermore, 72% plan to increase their IT security spend compared to last year.
“The aviation sector’s global presence and role in the world’s economy makes it a particularly vulnerable industry. But ransomware and phishing attacks are having a detrimental impact, and lengthy response times are only adding to the damage caused,” says Chase Richardson, Vice President of Consulting at Bridewell.
“With nation-state attacks also posing a significant threat, the sector must fortify its cyber defenses with incident response and reporting, defined risk management practices, regular audits and training programs to future-proof its operations. It’s promising that the sector is already adopting AI-driven solutions and planning to invest more in cyber security in order to protect itself.”